<?php

/**
 *
 * @author Administrator
 */
class UserController {
    // TODO - Insert your code here
    private $path = "";
    private $lan;

    /**
     */
    function __construct() {

        $this->path = "../src/module/admin/page_user/temp/";

        if (isset( $_SESSION[SESSION_LANGUAGE])) {
        	$this->lan = $_SESSION[SESSION_LANGUAGE];
        } else {
        	$this->lan = DEFAULT_LANGAUGE;
        }
    }

    /**
     * User submit login function
     * @return multitype:
     */
    public function userLogin() {

        $response_array = array();
        
        $username = $_REQUEST[USER_USERNAME];
        $password = md5( $_REQUEST[USER_PASSWORD]);
        
        $db = new DBAccess();
        $login = $db->selectOneByCause( array(USER_ROLE), USERS, array(USER_USERNAME => $username, SQL_AND, USER_PASSWORD => $password));
        
        if ($login != null && count( $login) > 0 && isset( $login[USER_ROLE]) && ! empty( $login[USER_ROLE])) {
            $response_array[STATUS] = STATUS_OK;
            $response_array[MESSAGE] = getMessage( MESSAGE_LOGIN_SUCCESSFUL);
            $response_array[LINK] = SITE_ADMIN;
            
            $_SESSION[SESSION_USERNAME] = $username;
            $_SESSION[SESSION_ROLE] = $login[USER_ROLE];
            $this->lan = DEFAULT_LANGAUGE;
        
        } else {
            $response_array[STATUS] = STATUS_FAIL;
            $response_array[MESSAGE] = getMessage( MESSAGE_LOGIN_FAIL);
        }
        
        // return reponse array
        return $response_array;
    }

    /**
     * View profile function
     * @return Ambigous <string, unknown_type, boolean>
     */
    public function viewProfile() {
        
        // create xTemplate
        $template = new XTemplate( $this->path . $this->lan . "/profile.html");
        
        // assign controller and action
        $template->assign( CONTROLLER, PVALUE_CONTROLLER_PAGE_USERS);
        $template->assign( ACTION, PVALUE_ACTION_SUBMIT_PROFILE);
        
        $db = new DBAccess();
        $profile = $db->selectOneByCause( $GLOBALS['userFullColArray'], USERS, array(USER_USERNAME => $_SESSION[SESSION_USERNAME]));
        
        if ($profile == null || count( $profile) == 0) {
        
        }
        
        // assign form item
        $template->assign( FORMITEM, $profile);
        $template->parse( PAGECONTENT . "." . FORMITEM);
        
        // return page
        $template->parse( PAGECONTENT);
        return $template->out( PAGECONTENT);
    
    }

    /**
     * View change password page
     * @return Ambigous <string, unknown_type, boolean>
     */
    public function viewChangePassword() {
        
        // create xTemplate
        $template = new XTemplate( $this->path . $this->lan . "/password.html");
        
        // assign controller and action
        $template->assign( CONTROLLER, PVALUE_CONTROLLER_PAGE_USERS);
        $template->assign( ACTION, PVALUE_ACTION_SUBMIT_CHANGEPASSWORD);
        
        // return page
        $template->parse( PAGECONTENT);
        return $template->out( PAGECONTENT);
    }

    public function viewHistoryAction() {

    }

    /**
     * User submit profile function
     * @return multitype:
     */
    public function submitProfile() {
        
        // reponse array
        $response_array = array();
        
        // get input
        $profile[USER_ID] = $_REQUEST[USER_ID];
        $profile[USER_EMAIL] = $_REQUEST[USER_EMAIL];
        $profile[USER_FULLNAME] = $_REQUEST[USER_FULLNAME];
        $profile[USER_IMAGE] = $_REQUEST[USER_IMAGE];
        $profile[USER_CARDID] = $_REQUEST[USER_CARDID];
        $profile[USER_DATEOFBIRTH] = $_REQUEST[USER_DATEOFBIRTH];
        $profile[USER_ADDRESS] = $_REQUEST[USER_ADDRESS];
        $profile[USER_CELLPHONE] = $_REQUEST[USER_CELLPHONE];
        $profile[USER_HOMEPHONE] = $_REQUEST[USER_HOMEPHONE];
        
        // update data to database
        $db = new DBAccess();
        
        if ($db->updateData( $profile, USERS)) {
            $response_array[STATUS] = STATUS_OK;
            $response_array[MESSAGE] = getMessage( MESSAGE_UPDATE_SUCCESSFUL);
            $response_array[BACK] = "maincontent.php?ctrl=" . PVALUE_CONTROLLER_PAGE_USERS . "&act=" . PVALUE_ACTION_VIEW_PROFILE;
        } else {
            $response_array[STATUS] = STATUS_FAIL;
            $response_array[MESSAGE] = getMessage( MESSAGE_UPDATE_FAIL);
        }
        
        // sleep(4);
        return $response_array;
    }

    /**
     * User submit change password function
     * @return multitype:
     */
    public function submitChangePassword() {

        $response_array = array();
        
        $oldPassword = md5( $_REQUEST['OldPassword']);
        $newPassword = $_REQUEST['NewPassword'];
        $confirmPassword = $_REQUEST['ConfirmPassword'];
        
        // check old password
        $db = new DBAccess();
        $user = $db->selectOneByCause( array(USER_ID), USERS, array(USER_USERNAME => $_SESSION[SESSION_USERNAME], SQL_AND, USER_PASSWORD => $oldPassword));
        
        if ($user == null || count( $user) == 0 || ! isset( $user[USER_ID]) || empty( $user[USER_ID])) {
            $response_array[STATUS] = STATUS_ERROR;
            $response_array[MESSAGE] = getMessage( MESSAGE_PASSWORD_INCORRECT);
        } else {
            if ($newPassword != $confirmPassword) {
                $response_array[STATUS] = STATUS_ERROR;
                $response_array[MESSAGE] = getMessage( MESSAGE_PASSWORD_NOTSAME);
            } else {
                $user[USER_PASSWORD] = md5( $newPassword);
                if ($db->updateData( $user, USERS)) {
                    $response_array[STATUS] = STATUS_OK;
                    $response_array[MESSAGE] = getMessage( MESSAGE_UPDATE_SUCCESSFUL);
                    $response_array[BACK] = "logout.php";
                } else {
                    $response_array[STATUS] = STATUS_FAIL;
                    $response_array[MESSAGE] = getMessage( MESSAGE_UPDATE_FAIL);
                }
            }
        }
        
        // return reponse array
        return $response_array;
    }

    /**
     * Reset password function
     * @return multitype:string
     */
    public function submitResetPassword() {

        $response_array = array();
        
        // get email
        $email = $_REQUEST[USER_EMAIL];
        
        // select user
        $db = new DBAccess();
        $user = $db->selectOneByCause( array(USER_ID, USER_USERNAME), USERS, array(USER_EMAIL => $email));
        
        if ($user == null || count( $user) == 0 || ! isset( $user[USER_ID]) || empty( $user[USER_ID])) {
            $response_array[STATUS] = STATUS_ERROR;
            $response_array[MESSAGE] = getMessage( MESSAGE_EMAIL_NOTFOUND);
        } else {
            $time = time();
            $password = "mk" . $time;
            $user[USER_PASSWORD] = md5( $password);
            if ($db->updateData( $user, USERS)) {
                $response_array[STATUS] = STATUS_OK;
                $response_array[MESSAGE] = getMessage( MESSAGE_RESETPASS_SECCESSFUL);
                
                $emailer = new EmailController();
                $emailer->emailResetPass($user[USER_USERNAME], $email, $password);
            } else {
                $response_array[STATUS] = STATUS_FAIL;
                $response_array[MESSAGE] = getMessage( MESSAGE_RESETPASS_FAIL);
            }
        }
        
        // return reponse array
        return $response_array;
    }

    /**
     */
    function __destruct() {
        
        // TODO - Insert your code here
    }
}

?>